CVE-2021-41773

Published: 05/10/2021 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 556
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity. (CVE-2021-33193)

A NULL pointer dereference in httpd allows an unauthenticated remote malicious user to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability. (CVE-2021-34798)

An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated malicious user to crash the service through a crafted request. The highest threat from this vulnerability is to system availability. (CVE-2021-36160)

An out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote malicious user to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function. (CVE-2021-39275)

A Server-Side Request Forgery (SSRF) flaw was found in mod_proxy of httpd. This flaw allows a remote, unauthenticated malicious user to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and inaccessible otherwise. The impact of this flaw varies based on what services and resources are available on the httpd network. (CVE-2021-40438)

While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project. (CVE-2021-41524)

A path traversal flaw was found in Apache 2.4.49. A remote attacker could use this flaw to map URLs to files outside the expected document root. Additionally this flaw could leak the source of interpreted files like CGI scripts. (CVE-2021-41773)

A path traversal and remote code execution flaw was found in Apache HTTP Server 2.4.49 and 2.4.50. A remote attacker could use this flaw to map URLs to files outside the expected document root. Additionally, this flaw could leak the source of interpreted files like CGI scripts. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw results from an incomplete fix for CVE-2021-41773. (CVE-2021-42013)

Vulnerable Product

apache http server 2.4.49

fedoraproject fedora 34

fedoraproject fedora 35

oracle instantis enterprisetrack 17.1

oracle instantis enterprisetrack 17.2

oracle instantis enterprisetrack 17.3

netapp cloud backup -

Vendor Advisories

A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity. (CVE-2021-33193) A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability. (CVE-2021-347 ...
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally this flaw could leak the source of inter ...
On October 5, 2021 and October 7, 2021, the Apache Software Foundation released two security announcements for the Apache HTTP Server that disclosed the following vulnerabilities: CVE-2021-41524: Null Pointer Dereference Vulnerability CVE-2021-41773: Path Traversal and Remote Code Execution Vulnerability CVE-2021-42013: Path Traversal and Remote ...

Exploits

Apache HTTP Server version 2.4.49 suffers from a path traversal vulnerability ...
This is another variant of the Apache HTTP server version 2.4.50 remote code execution exploit ...
This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands. This vulnerability has been reintroduced ...
This module exploits an unauthenticated RCE vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands (Remote Command Execution). This vulnerab ...
This module scans for an unauthenticated RCE vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands (Remote Command Execution). This vulner ...

Mailing Lists

oss-sec mailing list archives:
RE: CVE-2021-41773: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 ...
CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41 ...
Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-202 ...

Metasploit Modules

Apache 2.4.49/2.4.50 Traversal RCE

This module exploits an unauthenticated RCE vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands (Remote Command Execution). This vulnerability has been reintroduced in Apache 2.4.50 fix (CVE-2021-42013).

msf > use exploit/multi/http/apache_normalize_path_rce
msf exploit(apache_normalize_path_rce) > show targets
    ...targets...
msf exploit(apache_normalize_path_rce) > set TARGET < target-id >
msf exploit(apache_normalize_path_rce) > show options
    ...show and set options...
msf exploit(apache_normalize_path_rce) > exploit

Apache 2.4.49/2.4.50 Traversal RCE scanner

This module scans for an unauthenticated RCE vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands (Remote Command Execution). This vulnerability has been reintroduced in Apache 2.4.50 fix (CVE-2021-42013).

msf > use auxiliary/scanner/http/apache_normalize_path
msf auxiliary(apache_normalize_path) > show actions
    ...actions...
msf auxiliary(apache_normalize_path) > set ACTION < action-name >
msf auxiliary(apache_normalize_path) > show options
    ...show and set options...
msf auxiliary(apache_normalize_path) > run

Github Repositories

CVE-2021-41773 Path Traversal vulnerability in Apache 2.4.49.

cve-2021-41773 CVE-2021-41773 Path Traversal vulnerability in Apache 2.4.49 RCE POC PoC Payload curl -s --path-as-is ":[PORT]/icons/%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd curl -s --path-as-is --data "echo;Command" "[IP]:[PORT]/cgi-bin/%2e/%2e%2e/%2e%2e/bin/sh

MASS CVE-2021-41773

mass_cve-2021-41773 MASS CVE-2021-41773 Usage: python3 -m pip install requests python3 cve-2021-41773.py urlist.txt pool Note: results will be automatically saved in vuln.txt. You can add a common dir on mass_cve-2021-41773/cve-2021-41773.py Line 49 in 4579bdb common_dir

Apache HTTPd (2.4.49) – Local File Disclosure (LFI)

CVE-2021-41773 Playground This is a small Docker recipe for setting up a Debian bookworm based container with an instance of the Apache HTTPd (2.4.49) that is vulnerable to CVE-2021-41773. CGI has been explicitly enabled so it can be used to test/verify Local File Disclosure behavior as well as Remote Command Execution behavior. Usage $ docker-compose build && d

CVE-2021-41773 PoC Proof of concept to check if hosts are vulnerable to CVE-2021-41773. Description (cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773) A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49-2.4.50. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of

Path Traversal vulnerability in Apache 2.4.49

CVE-2021-41773 Path Traversal vulnerability in Apache 2.4.49. This issue only affects Apache 2.4.49 and not earlier versions. MORE INFO pentesterguruji-notes.notion.site/CVE-2021-41733-f58b52f484b94671b319c107ac2739bf

CVE-2021-41773 - Apache HTTP Server 2.4.49. How to run the CVE-2021-41773 Path Traversal lab: Install and run Docker on your PC/laptop. Clone this GitHub repo. Go to the Path Traversal folder. Enter the following commands: docker build -t cve-2021-41773-path-traversal and docker run --rm -dit -p 8888:80 cve-2021-41773-path-traversal Access it using a browser by ...

CVE-2021-41773 I have developed a POC of CVE-2021-41773, RCE + cgi-bin path traversal. NOTE: TESTED ON APACHE2 2.4.49. You can pull vuln Apache2 2.4.49 directly from Docker $ sudo docker pull blueteamsteve/cve-2021-41773:no-cgid $ sudo docker run -dit -p 80:80 blueteamsteve/cve-2021-41773:no-cgid localhost:80 path traversal RCE

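Reproduction of CVE-2021-41773

CVE-2021-41773 reproduction www.tenable.com/blog/cve-2021-41773-path-traversal-zero-day-in-apache-http-server-exploited A vulnerability unique to Apache v2.4.49: earlier versions have no ap_normalize_path function. It was introduced in v2.4.49, and it is this function that causes the directory traversal. It was fixed in v2.4.50. Environment github.com/1nhann/CVE-2021-41773 This environment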

A Python script to check if an Apache web server is vulnerable to CVE-2021-41773

CVE-2021-41773 scanner This script tests for the path traversal and local file inclusion vulnerability in Apache version 2.4.29. This script doesn't return local files; it merely scans the web server and tells you if it's vulnerable or not. Usage: python3 cve-2021-41773-scanner.py IPv4 address

CVE-2021-41773 (Apache httpd only 2.4.49) For educational purposes only. See Reference for the details. Run $ git clone github.com/masahiro331/CVE-2021-41773.git $ cd CVE-2021-41773 $ docker build -t cve-2021-41773 $ docker run -d -p 8080:80 cve-2021-41773 Exploit # This vulnerability affects the use of Alias $ curl loca

CVE-2021-41773 Proof of Concept Quick and dirty proof of concept for checking if hosts are vulnerable to CVE-2021-41773. python3 full.py hosts.txt Where hosts.txt contains your targets: domain.com blah.com 192.168.1.1 It'll print out if the host is vulnerable or not vulnerable. Python version of bas

Apache 2.4.49

CVE-2021-41773 Path Traversal for Apache 2.4.49 Affected base (time: 22:49 06/10/2021) Usage # IP python3 CVE-2021-41773.py -i 10.10.10.10 -s # List of ips python3 CVE-2021-41773.py -l /home/ac1d/Documents/code/python/CVE-2021-41773/ips.txt -s

Vulnerable docker images for CVE-2021-41773

Vulnerable docker images for CVE-2021-41773 Apache path traversal. This vulnerability only applies to version 2.4.49 that have specific non-default configs. In certain situations this can result in either file read or code execution. twitter.com/ptswarm/status/1445376079548624899 Vulnerable file read config Containers can be pulled directly from Docker Hub using docker

Cve-2021-41773-grabber Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49. This script grabs vulnerable servers for CVE-2021-41773 from Shodan. How to use: use Python 3; install the shodan module with "pip install shodan"; change the keyword in the script to your Shodan keyword; you need your Shodan API key; run: python3 apache.py [count of output]

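For detecting/exploiting the directory traversal/command execution vulnerabilities in Apache 2.4.49 and 2.4.50. Usage: Vulnerability detection: python3 CVE-2021-41773-42013.py -u url Read a file: python3 CVE-2021-41773-42013.py -u url -m read -f filepath Execute a command: python3 CVE-2021-41773-42013.py -u url -m exec -c command -s shell (default /bin/sh)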

An automatic scanner for Apache 2.4.49

Scanner-CVE-2021-41773 An automatic scanner for Apache 2.4.49 • run: go run main.go OR go build main.go && ./main • you can customize your payload • vulnerable hosts are saved Make your lab: 1 Pull Image: sudo docker pull blueteamsteve/cve-2021-41773:no-cgid 2 Run Image: sudo docker run -dit -p 8080:80 blueteamsteve/cve-2021-41773:no-cgid 3 E

Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 (CVE-2021-41773)

CVE-2021-41773 Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 (CVE-2021-41773) Info A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all

Unix v7 UUCP had a bug in the chkpth() code

The 1978 UNIX v7 UUCP chkpth() bug. Unix v7 UUCP had a bug in the chkpth() code. The bug in UUCP is from way-way-back in the late 70's and early 80's and was within the original UUCP code included in Unix v7 and its newer derived versions. CVE-2021-41773 The bug lives on in Apache and the recent CVE-2021-41773 (CVE == Common Vulnerabilities and Exposures) It&

Exploit for Apache 2.4.49

CVE-2021-41773 This is my first time trying to make an exploit for something so be nice 😁 [*] Exploit Title: Apache HTTP Server 2.4.49 Path Traversal [*] Author: 0xRar, 0xrar.net [*] CVE: CVE-2021-41773 [*] Version: Apache 2.4.49 [*] Not Tested Yet Help Command: python3 exploit.py -h

PoC for CVE-2021-41773 with docker to demonstrate

CVE-2021-41773-PoC PoC for CVE-2021-41773 with docker to demonstrate. Run: Just run ./poc.sh. Make sure you have working docker and docker-compose. $ ./poc.sh Creating network "cve-2021-41773-poc_default" with the default driver Creating cve-2021-41773-poc_web_1 done root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/u

Poc CVE-2021-41773 - Apache 2.4.49 with CGI enabled

CVE-2021-41773 Poc CVE-2021-41773 - Apache 2.4.49 with CGI enabled Usage: chmod +x CVE-2021-41773.sh ./CVE-2021-41773.sh ip:port/ /etc/passwd References nvd.nist.gov/vuln/detail/CVE-2021-41773 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773>

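php Thinkphp Apache CVE-2021-41773 oa landray_oa (Landray OA) front-end arbitrary file read seeyon_oa (Seeyon OA) yonyou (Yonyou) Yonyou NC BeanShell RCE php Thinkphp Apache CVE-2021-41773 Affected version: Apache HTTP SERVER 2.4.49 References oa landray_oa (Landray OA) front-end arbitrary file read seeyon_oa (Seeyon OA) yonyou (Yonyou) Yonyou NC BeanShell RCE Affected version: Yonyou NC65 References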

CVE-2021-41773 Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49. This script tests Apache HTTP Server 2.4.49. Usage: CVE-2021-41773.py options Only for one IP: python CVE-2021-41773.py IP_address Option -f For IP list in file Example: python CVE-2021-41773.py -f IP_address_list_filename Option -s For IP subnet Example: python CVE-2021-41773.py -s 192

CVE-2021-41773 playground

CVE-2021-41773 Playground This is a small Docker recipe for setting up a Debian bookworm based container with an instance of the Apache HTTPd (2.4.49) that is vulnerable to CVE-2021-41773. CGI has been explicitly enabled so it can be used to test/verify Local File Disclosure behavior as well as Remote Command Execution behavior. Usage $ docker-compose build && d

CVE-2021-41773 POC with Docker

CVE-2021-41773 CVE-2021-41773 POC with Docker Configuration To customize the httpd.conf file, change line 251 in the <Directory /> section from Require all denied to Require all granted <Directory /> AllowOverride none Require all granted </Directory> Create a Dockerfile in your project F

Nmap script to detect vulnerabilities

nmap Collection of simple NSE scripts for nmap, to detect Path Traversal and other vulnerabilities git clone github.com/hackingyseguridad/nmap/ cp cve-2021-41773.nse /usr/share/nmap/scripts/ Usage: For example: nmap -Pn -p80,443 -sVC --script=cve-2021-41773.nse

CVE-2021-41773

target/cgi-bin/%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts id: CVE-2021-41773 info: name: Apache 2449 Exploit author: numanturle severity: high requests: - method: GET path: - "{{BaseURL}}/cgi-bin/%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts" matchers-condition: and matchers: - type: regex regex: - "127001"

Exploitation of CVE-2021-41773 a Directory Traversal in Apache 2.4.49.

CVE-2021-41773 Exploitation of CVE-2021-41773 a Directory Traversal in Apache 2.4.49

apache_path_traversal This is a PoC for the directory traversal apache vulnerability CVE-2021-41773 that supports multiple hosts. Usage: python3 poc_CVE-2021-41773.py hosts.txt

Mass exploitation CVE-2021-41773 and auto detect possible RCE

CVE-2021-41773 Mass exploitation CVE-2021-41773 and auto detect possible RCE

This is a simple POC for Apache/2.4.49 Path Traversal Vulnerability

CVE-2021-41773 This is a simple poc for Apache Path Traversal Vulnerability. Vulnerable versions: Apache/2.4.49 Apache/2.4.50 with mod_cgi disabled

CVE-2021-41773, poc, exploit

Usage file ip-ports.txt: 1.1.1.1:80 node CVE-2021-41773.js ip-ports.txt

Fast python tool to test apache path traversal CVE-2021-41773 in a List of url

CVE-2021-41773 Fast python tool to test apache path traversal CVE-2021-41773 in a List of url Usage: create a live urls file and use the flag "-l" python3 apache_path_traversal.py -l urls-list.txt

Apache 2.4.49 Path Traversal Vulnerability Checker

CVE-2021-41773 Apache 2.4.49 Path Traversal Vulnerability Checker Example Platform Linux & Windows

CVE-2021-41773 Grabber

Apachuk - CVE-2021-41773 Grabber with Shodan Grabber Apache Directory traversal with Shodan Rewrite code from: github.com/mohwahyudi/cve-2021-41773 How To Use pip3 install -r requirements.txt python3 main.py -a [Shodan Api Key] -k [Keyword for shodan] Shodan API Key? Login / Register to get your shodan API Key on account.shodan.io/ Example python3 main.py -a

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

CVE-2021-41773 Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

Custom made cve exploits

CVE-2021-41773.py Apache 2.4.49 Path Traversal

Simple honeypot for CVE-2021-41773 vulnerability

CVE-2021-41773_Honeypot lopqtome/posts/building-highly-interactive-honeypots

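Self-developed security tools in Go

Self-developed security tools in Go. This project records some small security-related tools I have developed in Go. The author will not add backdoors of any kind to the programs, and the programs will not cause any damage to the system. However, the tools are only suitable for self-assessment by the system owner or for testing by a contractor with authorization. Please feel free to use them, at your own risk. I am too much of a novice and the code is poorly written; all programs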

cve-2021-41773.py is a python script that will help in finding Path Traversal or Remote Code Execution vulnerability in Apache 2.4.49

Apache 2.4.49 - Path Traversal or Remote Code Execution cve-2021-41773.py is a python script that will help in finding Path Traversal or Remote Code Execution vulnerability in Apache 2.4.49. Vulnerable instance of Docker is provided to get your hands dirty on CVE-2021-41773. If CGI-BIN is enabled then we can perform Remote Code Execution but not Path Traversal, so "icons&q

Poc.py

POC CVE-2021-41773 PoC to test the CVE-2021-41773 vulnerability in the apache httpd 2.4.49 service. POC Open your favorite Terminal and run these commands First Tab: wget raw.githubusercontent.com/TishcaTpx/POC-CVE-2021-41773/main/poc.py Second Tab: python3 poc.py exampledomaincom

Path Traversal and RCE in Apache HTTP Server 2.4.49

CVE-2021-41773 Quick proof of concept. The script checks for LFI and RCE in Apache 2.4.49; you can test a single target or a list. Make sure you specify HTTP or HTTPS for a single target. Test only if you're authorized, be smart. Example usage: python3 cve2021-41773.py -target DOMAIN/IP -protocol HTTP/HTTPS -file domain_list.txt

The first vulnerability with the CVE identifier CVE-2021-41773 is a path traversal flaw that exists in Apache HTTP Server 2.4.49.

CVE-2021-41773 🐛 Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49. A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual

CVE-2021-41773

CVE-2021-41773 Hello guys, yesterday the new CVE-2021-41773 for apache 2.4.49 version is released. So in this case, I want to explain about this apache vulnerability. Playground So, I think you guys want to test this vulnerability in website. So I have a playground place for you guys. This is the website to download docker image of example apache 2.4.49 Docker Image Note: there

CVE-2021-41773 Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 Usage python3 apache2-4-49.py -h python3 apache2-4-49.py --check --single example.com Reference www.tenable.com/blog/cve-2021-41773-path-traversal-zero-day-in-apache-http-server-exploited nvd.nist.gov/vuln/detail/CVE-2021-41773

CVE-2021-41773 apache version 2.4.49 simple poc How to use the script: chmod +x apache.sh ./apache.sh <file_tagret> example ./apache.sh 127.0.0.1 etc/passwd

Simple bash script for checking multiple hosts for CVE-2021-41773 (Apache)

Simple CVE-2021-41773 checker Simple bash script for checking multiple hosts for CVE-2021-41773 (Apache) [+] Usage: ./CVE-2021-41773.sh hosts.txt

CVE-2021-41773

CVE-2021-41773-nse By George Labrin (@creadpag) Checks if Server is vulnerable to Apache 2.4.49 CVE-2021-41773 POC Open your favorite Terminal and run these commands Use NMAP First Tab: mv cve-2021-41773.nse /usr/share/nmap/scripts/ Second Tab: sudo nmap -Pn --script=cve-2021-41773.nse XXXX -p X

CVE-2021-41773 apache http server vulnerability (only works 2.4.49) requirement settings httpd.conf <IfModule mpm_prefork_module> LoadModule cgi_module modules/mod_cgi.so # uncomment this line </IfModule> <Directory /> AllowOverride none # Require all denied # comment out this line or set `Require all granted` </D

Setup vulnerable environment

CVE-2021-41773 Setup vulnerable environment

Path traversal in Apache HTTP Server 2.4.49 (CVE-2021-41773)

CVE-2021-41773 Path traversal in Apache HTTP Server 2.4.49 (CVE-2021-41773) For educational purposes only. Test Set up the PoC environment $ docker build -t cve-2021-41773 $ docker run --rm -dit -p 8000:80 cve-2021-41773 Confirm it works $ curl localhost:8000 <html><body><h1>It works!&

CVE-2021-41773 | Apache HTTP Server 2.4.49 is vulnerable to Path Traversal and Remote Code execution attacks

CVE-2021-41773 CVE-2021-41773 According to The National Vulnerability Database (NVD) CVE-2021-41773, Apache HTTP Server 2.4.49 is vulnerable to Path Traversal and Remote Code execution attacks. Path Traversal The path traversal vulnerability was introduced due to the new code change added for path normalization, i.e., for URL paths to remove unwanted or dangerous parts from the

POC-CVE-2021-41773 On the 5th of October 2021, a CVE detailing a path traversal attack on Apache HTTP Server v2.4.49 was released. Assigned the number CVE-2021-41773, it was released with the following description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the

Mitigation/fix of CVE-2021-41773 A Path Traversal And File Disclosure Vulnerability In Apache

Mitigation-CVE-2021-41773- Shell script to mitigate CVE-2021-41773, a path traversal and file disclosure vulnerability in Apache. Installation wget github.com/EkamSinghWalia/Mitigation-CVE-2021-41773-.git Usage Complete fix and suggested way to mitigate the vulnerability. This script will upgrade and update system repo and apache bas

These Metasploit, Nmap, Python and Ruby scripts detect and exploit CVE-2021-41773 with RCE and local file disclosure.

CVE-2021-41773 Description This script exploits CVE-2021-41773 to print file or/and execute command. This script is available for: Nmap Python Ruby Requirements Python python3 python3 Standard Library Ruby Ruby Ruby Standard Library Install git clone github.com/mauricelambert/CVE-2021-41773.git cd CVE-2021-41773 # Python pip install -r requirements.txt

Vulnerable configuration Apache HTTP Server version 2.4.49

CVE-2021-41773 Vulnerable service Installation Several options: 1. Docker container docker run -d -p 8080:80 12345qwert123456/apache_2_4_49_cve-2021-41773 2. Dockerfile git clone github.com/12345qwert123456/CVE-2021-41773.git cd CVE-2021-41773-Vulnerable-service/2449 docker build -t apache_2_4_49_cve-2021-41773 docker run -d

Vulnerable Docker for academic purposes with Apache 2.4.49.

vulnerable_docker_apache_2_4_49 Repository for academic purposes. Docker for exploiting the CVE-2021-41773 vulnerability. For more information: github.com/BlueTeamSteve/CVE-2021-41773 Credits to: github.com/BlueTeamSteve DockerHub Link: hub.docker.com/r/m96dg/pw_apache_2_4_49

cve-2021-41773 Run the server $ docker build -t cve-2021-41773 $ docker run --rm -d -p 80:80 cve-2021-41773 Exploit curl --data "echo;id" 'localhost/cgi-bin/%2e/%2e/%2e/%2e/etc/passwd' Cause: a configuration error in the httpd.conf file combined with path traversal => RCE

CVE-2021-41773 vulnerable apache version 2.4.49 lab set-up.

apache2449VulnerableLabSetup CVE-2021-41773, Apache HTTP Server 2.4.49 is vulnerable to Path Traversal and Remote Code execution attacks. This repo is to simulate the vulnerability

Exploit for path traversal vulnerability in apache

Exploit for Apache2 Exploit for path traversal vulnerability in apache Version: 2.4.49 CVE: CVE-2021-41773 Pull docker image docker pull httpd:2.4.49-alpine Configure apache In /usr/local/apache2/conf/httpd.conf replace these entries <Directory /> AllowOverride none - Require all denied + #Require all denied

My past public researches are archived here

heitorgouvea.me Some notes, analysis and proof-of-concepts about my vulnerability research journey. Summary My research focus is vulnerability discovery in applications/services and exploit development, I have fun bypassing modern defenses, exploring systems and playing with new technologies and in parallel: sharing some of my research

CVE-2021-41773 Gaurav Raj's exploit modified by Plunder

CVE-2021-41773 ( Apache / 2.4.49 ) CVE-2021-41773 exploit by Gaurav Jav modified by Plunder in order to use custom exploit Usage: $ py exploit.py -h usage: exploit.py [-h] -t TARGET [-b BINARY] Apache2 2.4.49 Exploit options: -h, --help show this help message and exit -t TARGET, --target TARGET Specify the

If DNS hangs on kali, use this to fix: service networking restart ssh pattern for some machines ssh -o "UserKnownHostsFile=/dev/null" -o "StrictHostKeyChecking=no" learner@1921685052 Info gathering Domain Registrar whois offensive-security.com -h 192168210251

CVE-2021-41773 A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49-2.4.50. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally this flaw could leak the source of int

Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773

CVE-2021-41773 Apache2 2.4.49 - LFI & RCE Exploit Info # Exploit Title: Apache HTTP Server 2.4.49 - Path Traversal & Remote Code Execution (RCE) # Exploit Author: Gaurav Raj gauravraj.xyz blog.gauravraj.xyz # Vendor Homepage: apache.org/ # Version: 2.4.49 # Tested on: 2.4.49 # CVE : CVE-2021-41773

Vulnerable configuration Apache HTTP Server version 2.4.49

CVE-2021-41773 Vulnerable service Installation Several options: 1. Docker container: docker run -d -p 8080:80 12345qwert123456/apache_2_4_49_cve-2021-41773 2. Dockerfile: git clone github.com/12345qwert123456/CVE-2021-41773.git cd CVE-2021-41773-Vulnerable-service/2449 docker build -t apache_2_4_49_cve-2021-41773 docker run -d

CVE-2021-41773 Usage [+] python ./exploit.py [-OPTIONS] [Target/List of Targets] [+] -h : help [+] -url <target>: specify the target to check [+] -list <filename>: Scan multiple targets Example -h: help -url: url -list: path to file

mass_cve-2021-41773 MASS CVE-2021-41773 Screenshot Usage: python3 -m pip install requests; python3 cve-2021-41773.py urlist.txt pool Note: results will be automatically saved in vuln.txt. You can add a common dir on github.com/i6c/MASS_CVE-2021-41773/blob/main/cve-2021-41773.py#L51 References www.tenable.com/blog/cve-2021-41773-path-traversal-zero-day-in-apa

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can s…

CVE-2021-41773-exercise A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can

Essay (and PoCs) about CVE-2021-41773, a remote code execution vulnerability in Apache 2.4.49 🕸️

CVE-2021-41773 Essay 🕸️ Description 🖼️ This repository contains an essay about CVE-2021-41773, a remote code execution vulnerability in Apache 2.4.49. This was created for a course from Faculty of Automatic Control and Computers, University POLITEHNICA of Bucharest, namely "Cyberdefences and Cyberintelligence". Folders Structure 📁 The folder structure is

CVE-2021-41773 Docker $ sudo docker build -t <image_name> $ sudo docker run -d -t -p 80:80 --name <container_name> <image_name> /bin/bash $ sudo docker exec -it <container_name> /bin/apachectl -k restart To access docker container for custom config file $ docker exec -it <c

CVE-2021-41773 CVE-2021-41773 POC with Docker Configuration To customize the httpd.conf file, change line 251 in the <Directory /> section from Require all denied to Require all granted: <Directory /> AllowOverride none Require all granted </Directory> Create a Dockerfile in your project F

CVE-2021-41773 🐛 Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49. A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual

CVE-2021-41773 Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 (CVE-2021-41773) Info A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all

Live for Go hackers (bug bounty)

Golang For Bug Hunting (Live) In these two live sessions, I intended to teach how to write tools with Golang for vulnerability hunting. Video by @raminfp Part 1 (Persian language) - www.youtube.com/watch?v=GY6vrAH_SuU Part 2 (Persian language) - www.youtube.com/watch?v=KEMFi0V2zdM Code Recon Port scan slow Port scan fast Port scan no auth database Arvan Cl

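Apache path traversal vulnerability PoC & exploit

CVE-2021-41773 Go-language PoC & exploit project. Disclaimer: this project comes from the author's everyday study notes. Do not use the related techniques and tools for illegal testing; the author bears no responsibility for any adverse consequences that result. Usage: ./main -u <url> single URL; ./main -u <url> -c <command> run a single command against a single URL; ./main -f <file>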

Vulnerable Docker images for CVE-2021-41773 Apache path traversal. This vulnerability only applies to version 2.4.49 that have specific non-default configs. In certain situations this can result in either file read or code execution. twitter.com/ptswarm/status/1445376079548624899 Vulnerable file read config Containers can be pulled directly from Docker Hub using docker

Environment Setup Docker Desktop Docker is a platform for building, running and managing software containers. Containers are lightweight, standalone units of software that contain everything needed to run an application, including code, libraries, dependencies and configuration files. John the Ripper | Hashcat Hash from the Server This is

Cybersecurity Assignment

CyberSecurityTaak-El-Jari This repository is for the Cybersecurity & Virtualisation course at HoGent (hogent.be). Content On the 5th of October 2021, a CVE detailing a path traversal attack on Apache HTTP Server 2.4.49 was released. Assigned the number CVE-2021-41773, it was released with the following description: A flaw was found in a change made to path nor

Web API Security Detection System

Web-API-Security-Detection-System Overall Architecture 1. The Interface Collector is responsible for receiving the Web API interfaces that need to be tested and importing them into memory for the Parser to retrieve and parse. 2. The Parser is responsible for parsing the Web API interface packets, i.e., parsing the HTTP packets and storing them into the class objects implemen

Shodan Dorks 2023

Shodan Dorks 2023 Collection of Shodan queries with custom scripts :) DICOM The DICOM (Digital Imaging and Communications in Medicine) standard is a standard used in the medical industry for the management, storage and transmission of medical images, such as X-rays, computed tomography scans

Apache path traversal PoC & exploit written in Python

CVE-2021-41773 Python-language PoC & exploit project. Disclaimer: this project comes from the author's everyday study notes. Do not use the related techniques and tools for illegal testing; the author bears no responsibility for any adverse consequences that result. Usage: python main.py -h show help; python main.py -u exploit the vulnerability; python main.py -f url.txt batch-test whether the vulnerability exists; python main.py -f url.txt -o b

CVE-2021-41773_Exploit 110-1 Network and System Security Group 16 CSIE third year 108590029 朱欣雨 CSIE third year 108590050 李浩銘

School project - Please use other repos for actual testing

CVE-2021-41773-exploiter School project - Please use other repos for actual testing

Small PoC of CVE-2021-41773

CVE-2021-41773 Small PoC of CVE-2021-41773 Usage Set target in script Run Reference Exploit on ExploitDB THM Room

🚩 CTF Zup 2021/2 Write-up 2# This document contains all my answers (step by step) and the tools used to solve the challenges of CTF Zup 2021/2 (second semester). Categories Android Android1 Android3 Android4 Android5 Android6 Cloud Security Leak Bucket Misc Conversa estranho Se FOR fácil, eu MATO! Packet Reverse Eng

A little demonstration of cve-2021-41773 on httpd docker containers

CVE-2021-41773 A demonstration to show the CVE-2021-41773 vulnerability on a Docker container. Usage Server: run build.sh (runs docker build): ./scripts/build.sh NOTE: No need to do it more than once. Run deploy.sh (creates a Docker container with the image from build.sh): ./scripts/deploy.sh to clos

Recent Articles

Brewdog might make an OK pint but its security sucks: Flaw opened door to free beers for anyone
The Register • Iain Thomson in San Francisco • 11 Oct 2021

Plus two failings this week at Apache and Twitch and nostalgia for Flash fans

In brief Hipster beer maker Brewdog has been caught out by a basic, but potentially very expensive, security problem, and the team that discovered it says the Scottish tipple-merchant's response was hardly encouraging. Research by security shop Pen Test Partners found that the Brewdog mobile app used the same hard-coded API Bearer Token to log in every single customer on their mobiles. This would allow anyone to access and use other people's accounts, including 200,000 "Equity for Punks" shareho...

Running a recent Apache web server version? You probably need to patch it. Now
The Register • Richard Speed • 06 Oct 2021

Unless you want to leak like a sieve

The Apache Software Foundation has hurried out a patch to address a pair of HTTP Web Server vulnerabilities, at least one of which is already being actively exploited. Apache's HTTP Server is widely used, and the vulnerabilities, CVE-2021-41524 and CVE-2021-41773, aren't great. The latter, a path traversal and file disclosure flaw, is particularly problematic. The former was reported to Apache's security team on 17 September and can be exploited by an external source to DoS a server with a speci...

FBI: Beware of thieves building Androxgh0st botnets using stolen creds
The Register

Infecting networks via years-old CVEs that should have been patched by now

Crooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). In a joint warning issued on Tuesday, the US government agencies said the Python-scripted malware primarily targets .env files that contain user credentials for AWS, Microsoft Office 365, SendGrid, and Twilio. After scanning and exploiting these stolen credentials, Androxgh0st can also be ...

References

CWE-22
https://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2021/10/05/2
http://packetstormsecurity.com/files/164418/Apache-HTTP-Server-2.4.49-Path-Traversal.html
http://www.openwall.com/lists/oss-security/2021/10/07/1
http://packetstormsecurity.com/files/164418/Apache-HTTP-Server-2.4.49-Path-Traversal-Remote-Code-Execution.html
http://www.openwall.com/lists/oss-security/2021/10/07/6
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ
http://www.openwall.com/lists/oss-security/2021/10/08/1
http://www.openwall.com/lists/oss-security/2021/10/08/2
http://www.openwall.com/lists/oss-security/2021/10/08/4
http://www.openwall.com/lists/oss-security/2021/10/08/3
http://www.openwall.com/lists/oss-security/2021/10/08/6
http://www.openwall.com/lists/oss-security/2021/10/08/5
http://www.openwall.com/lists/oss-security/2021/10/09/1
http://www.openwall.com/lists/oss-security/2021/10/11/4
http://www.openwall.com/lists/oss-security/2021/10/15/3
http://www.openwall.com/lists/oss-security/2021/10/16/1
http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html
https://security.netapp.com/advisory/ntap-20211029-0009/
http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://security.gentoo.org/glsa/202208-20
https://lists.apache.org/thread.html/r6abf5f2ba6f1aa8b1030f95367aaf17660c4e4c78cb2338aee18982f%40%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r98d704ed4377ed889d40479db79ed1ee2f43b2ebdd79ce84b042df45%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E
https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/
https://nvd.nist.gov
https://alas.aws.amazon.com/AL2/ALAS-2021-1716.html
https://github.com/Vulnmachines/cve-2021-41773